social.tchncs.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
A friendly server from Germany – which tends to attract techy people, but welcomes everybody. This is one of the oldest Mastodon instances.

If you use #SpamAssassin and actually want mail sent to you from a subdomain of #wordpress.com, you will want to add that specifically to your local welcomelist. We've had reports of signed spam from such domains, so we cannot leave the wildcard in the "default welcomelist" in SA's rule channel.

This change just went into SVN and will take a day or two to appear in the channel.

Did you miss the Chemnitzer #Linux Tage 2025? No problem! The video recordings and the slides of both Heinlein talks are now also available in our expertise blog.

👉 Would you like to learn more about the #Ceph Orchestrator as a component of a Ceph storage system?

heinlein-support.de/blog/vortr

👉 For everyone who wants to run their own #Mailserver: what is currently possible with #SpamAssassin in spam defense?

heinlein-support.de/blog/vortr

"The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making #SPF, #DKIM, and #DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.

Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good."

jwz.org/blog/2025/03/dmarc-and

EDIT: h/t @grumpybozo

Replied in thread

@ghard @jwz We (the #SpamAssassin project) had support for HashCash for well over a decade. No one used it. No one cared enough to fix the plugin for recent versions, so we dropped it.
There's a strong argument that any form of "e-postage" is doomed. Spammers can hijack computing power in arbitrary amounts for paying it.

Replied in thread

@jwz The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making SPF, DKIM, and DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.

Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good.

Day 2 of the Chemnitzer Linux-Tage is under way. As always, a great event with exciting talks and a wonderful audience. After our colleagues already gave talks on #SpamAssassin and #Ceph yesterday, talks from #OpenCloud and #OpenTalk are on the program today.

It starts at 12 noon in room V7, on site or in the live stream. We look forward to seeing you!

To the program:
chemnitzer.linux-tage.de/2025/

#spamassassin

I'm pulling my hair out.

A simple mail containing

teststring
some random text

and a rule in local.cf
body TESTRULE /^teststring$/
score TESTRULE 5.0

does NOT match when testing with spamassassin -t
BUT when the mail body looks like
teststring

sometext

the rule matches - why, why, why? There are no additional or hidden control characters.
body TESTRULE /^teststring/
score TESTRULE 5.0

matches in any case.
I'm going slightly mad
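
An added example, not part of the post above and not SpamAssassin code: a simplified Python model of how SpamAssassin's documentation describes `body` rules (the Subject becomes the first paragraph, and line breaks are removed before matching), which is why `/^teststring$/` only hits when `teststring` forms a paragraph of its own. The function names, the sample Subject and the exact paragraph-splitting regex are assumptions made for illustration; Python's `re` stands in for Perl's regex engine.

```python
import re

def render_body(subject, body):
    """Return the paragraphs a `body` rule is matched against (simplified model).

    Assumption: the Subject is prepended as its own paragraph, blank lines
    separate paragraphs, and every other run of whitespace (including a
    single line break) collapses to one space.
    """
    text = (subject + "\n\n" + body).replace("\r\n", "\n").strip()
    paragraphs = re.split(r"\n[ \t]*(?:\n[ \t]*)+", text)
    return [re.sub(r"\s+", " ", p).strip() for p in paragraphs if p.strip()]

def body_rule_hits(pattern, subject, body):
    """True if the rule regex matches any rendered paragraph."""
    rx = re.compile(pattern)
    return any(rx.search(p) for p in render_body(subject, body))

# Constructed sample messages mirroring the two bodies in the post.
SUBJECT = "test message"                       # constructed
MAIL_JOINED = "teststring\nsome random text\n"  # no blank line after teststring
MAIL_SPLIT = "teststring\n\nsometext\n"         # blank line after teststring

RULES = {
    "anchored_both": r"^teststring$",    # the rule that "does NOT match"
    "anchored_start": r"^teststring",    # the rule that "matches in any case"
    "word_boundary": r"^teststring\b",   # end-of-word instead of end-of-paragraph
}

def evaluate():
    """Run every rule against both sample mails; returns {rule: (joined, split)}."""
    return {
        name: (body_rule_hits(rx, SUBJECT, MAIL_JOINED),
               body_rule_hits(rx, SUBJECT, MAIL_SPLIT))
        for name, rx in RULES.items()
    }

if __name__ == "__main__":
    print(render_body(SUBJECT, MAIL_JOINED))
    print(render_body(SUBJECT, MAIL_SPLIT))
    for name, result in evaluate().items():
        print(name, result)
```

In this model the first mail renders as the single paragraph `teststring some random text`, so `$` has nothing to anchor to directly after `teststring`; a word boundary keeps the rule tight without depending on paragraph layout.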

I had to increase maximum size for spam scanned messages on a bunch of mail servers.

Spamassassin is a tool that scans messages to identify spam. By default it skips messages over 512K. Scanning larger messages is resource intensive and it used to be that spammers kept their messages to a minimum size to be efficient when sending large volumes of mail.

Well I've noticed a slew of spam messages coming in right around 613K recently. They have image attachments that seem to be designed specifically to get past the 512K threshold.

Increased the spamc max-size var to 1048576 and these f*#$@ers are going back to the Junk bin.

p.s. Also increased the post size limit on norcal.social to allow for this post in its entirety. Posts can now be 1024 characters, up from 500. Carry on.

Somehow I may be on the trail of a bug in the #SPF module of #Spamassassin. Today I spent 10 hours reading docs, dug through the Perl source code, tried out various configurations and sent probably 100 test mails. In the end the suspicion is hardening that the parser for the SPF rules may have a problem. But first it's the weekend, Monday I'll continue. If I manage to switch off.

This is one reason I’m glad we've never moved real work on #SpamAssassin to git & esp. not to GitHub. We drop a read-only replica there, but it is strictly read-only, with the real work in #ASF’s SVN. We do not have anything like the dev/admin bandwidth to triage garbage PRs. We get slop in the Bugzilla occasionally but so far no one has bothered trying to do that at scale.

A #FOSS project can be TOO open (!) if it lacks governance capacity to repel #InfoSec threats.
fosstodon.org/@ocefpaf/1139497

Fosstodon: Filipe (he/him) (@ocefpaf@fosstodon.org): AI hype: We don't need devs. AI reality: OSS devs are working double time to sort out trash generated AI. https://thenewstack.io/ai-is-spamming-open-source-repos-with-fake-issues/